Security Advisory

CVE-2025-25243

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-11 00:38:02

Last updated 2025-02-18 18:03:33

Assigner sap

State PUBLISHED

Description

SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any user interaction. This can reveal highly sensitive information with no impact to integrity or availability.

← Browse all CVEs View on cve.org ↗